Skip to content

Key Management Service (KMS)

To encrypt a password using KMS Key and store it in a file called password.enc

$ echo "MySuperSecretPassword" | base64 -e  | aws kms encrypt --key-id bbbbb934-8da4-4390-acf4-a1b351abcdef  --region eu-central-1 --plaintext fileb:///dev/stdin --output text --query CiphertextBlob > passwd.enc

To decrypt the file encrypted by the the KMS key

$ base64 -d passwd.enc | aws kms decrypt --ciphertext-blob fileb:///dev/stdin --region eu-central-1 --output text --query Plaintext | base64 -d | base64 -d

Encrypt a file using gpg:

$ echo $PASSWORD | gpg --batch --passphrase-fd 0 --no-tty -c -R -e --cipher-algo AES256 -o OutputFile InputFile

Another Way:
$ gpg --batch --passphrase $PASSWORD --no-tty -c -R -e --cipher-algo AES256 -o OutputFile InputFile 
Decrypt a file using gpg:
$ echo $PASSWORD | gpg --batch -d --no-tty --passphrase-fd 0 -o OutputFile Inputfile

Another way:
gpg --batch -d --no-tty --passphrase $PASSWORD -o OutputFile Inputfile